package org.bouncycastle.crypto.tls;

import java.io.IOException;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.util.Arrays;

/* loaded from: classes5.dex */
public abstract class AbstractTlsServer extends AbstractTlsPeer implements TlsServer {

    /* renamed from: a, reason: collision with root package name */
    protected TlsCipherFactory f8761a;
    protected TlsServerContext b;
    protected ProtocolVersion c;
    protected int[] d;
    protected short[] e;
    protected boolean f;
    protected short g;
    protected boolean h;
    protected Vector i;
    protected int[] j;
    protected short[] k;
    protected short[] l;
    protected ProtocolVersion m;
    protected int n;
    protected short o;
    protected Hashtable p;

    public AbstractTlsServer() {
        this(new DefaultTlsCipherFactory());
    }

    public AbstractTlsServer(TlsCipherFactory tlsCipherFactory) {
        this.f8761a = tlsCipherFactory;
    }

    protected boolean a() {
        return true;
    }

    protected boolean b() {
        return false;
    }

    protected Hashtable c() {
        Hashtable ensureExtensionsInitialised = TlsExtensionsUtils.ensureExtensionsInitialised(this.p);
        this.p = ensureExtensionsInitialised;
        return ensureExtensionsInitialised;
    }

    protected ProtocolVersion d() {
        return ProtocolVersion.TLSv11;
    }

    protected boolean e(int[] iArr, short[] sArr) {
        if (iArr == null) {
            return TlsECCUtils.hasAnySupportedNamedCurves();
        }
        for (int i : iArr) {
            if (NamedCurve.isValid(i) && (!NamedCurve.refersToASpecificNamedCurve(i) || TlsECCUtils.isSupportedNamedCurve(i))) {
                return true;
            }
        }
        return false;
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public CertificateRequest getCertificateRequest() throws IOException {
        return null;
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public CertificateStatus getCertificateStatus() throws IOException {
        return null;
    }

    @Override // org.bouncycastle.crypto.tls.TlsPeer
    public TlsCipher getCipher() throws IOException {
        return this.f8761a.createCipher(this.b, TlsUtils.getEncryptionAlgorithm(this.n), TlsUtils.getMACAlgorithm(this.n));
    }

    protected abstract int[] getCipherSuites();

    @Override // org.bouncycastle.crypto.tls.TlsPeer
    public TlsCompression getCompression() throws IOException {
        if (this.o == 0) {
            return new TlsNullCompression();
        }
        throw new TlsFatalAlert((short) 80);
    }

    protected short[] getCompressionMethods() {
        return new short[]{0};
    }

    protected ProtocolVersion getMinimumVersion() {
        return ProtocolVersion.TLSv10;
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public NewSessionTicket getNewSessionTicket() throws IOException {
        return new NewSessionTicket(0L, TlsUtils.EMPTY_BYTES);
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public int getSelectedCipherSuite() throws IOException {
        Vector usableSignatureAlgorithms = TlsUtils.getUsableSignatureAlgorithms(this.i);
        boolean e = e(this.j, this.k);
        for (int i : getCipherSuites()) {
            if (Arrays.contains(this.d, i) && ((e || !TlsECCUtils.isECCCipherSuite(i)) && TlsUtils.isValidCipherSuiteForVersion(i, this.m) && TlsUtils.isValidCipherSuiteForSignatureAlgorithms(i, usableSignatureAlgorithms))) {
                this.n = i;
                return i;
            }
        }
        throw new TlsFatalAlert((short) 40);
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public short getSelectedCompressionMethod() throws IOException {
        short[] compressionMethods = getCompressionMethods();
        for (int i = 0; i < compressionMethods.length; i++) {
            if (Arrays.contains(this.e, compressionMethods[i])) {
                short s = compressionMethods[i];
                this.o = s;
                return s;
            }
        }
        throw new TlsFatalAlert((short) 40);
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public Hashtable getServerExtensions() throws IOException {
        if (this.f && a() && TlsUtils.isBlockCipherSuite(this.n)) {
            TlsExtensionsUtils.addEncryptThenMACExtension(c());
        }
        short s = this.g;
        if (s >= 0 && MaxFragmentLength.isValid(s)) {
            TlsExtensionsUtils.addMaxFragmentLengthExtension(c(), this.g);
        }
        if (this.h && b()) {
            TlsExtensionsUtils.addTruncatedHMacExtension(c());
        }
        if (this.k != null && TlsECCUtils.isECCCipherSuite(this.n)) {
            this.l = new short[]{0, 1, 2};
            TlsECCUtils.addSupportedPointFormatsExtension(c(), this.l);
        }
        return this.p;
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public Vector getServerSupplementalData() throws IOException {
        return null;
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public ProtocolVersion getServerVersion() throws IOException {
        if (getMinimumVersion().isEqualOrEarlierVersionOf(this.c)) {
            ProtocolVersion d = d();
            if (this.c.isEqualOrEarlierVersionOf(d)) {
                ProtocolVersion protocolVersion = this.c;
                this.m = protocolVersion;
                return protocolVersion;
            }
            if (this.c.isLaterVersionOf(d)) {
                this.m = d;
                return d;
            }
        }
        throw new TlsFatalAlert((short) 70);
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public void init(TlsServerContext tlsServerContext) {
        this.b = tlsServerContext;
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public void notifyClientCertificate(Certificate certificate) throws IOException {
        throw new TlsFatalAlert((short) 80);
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public void notifyClientVersion(ProtocolVersion protocolVersion) throws IOException {
        this.c = protocolVersion;
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public void notifyFallback(boolean z) throws IOException {
        if (z && d().isLaterVersionOf(this.c)) {
            throw new TlsFatalAlert((short) 86);
        }
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public void notifyOfferedCipherSuites(int[] iArr) throws IOException {
        this.d = iArr;
        TlsECCUtils.containsECCCipherSuites(iArr);
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public void notifyOfferedCompressionMethods(short[] sArr) throws IOException {
        this.e = sArr;
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public void processClientExtensions(Hashtable hashtable) throws IOException {
        if (hashtable != null) {
            this.f = TlsExtensionsUtils.hasEncryptThenMACExtension(hashtable);
            short maxFragmentLengthExtension = TlsExtensionsUtils.getMaxFragmentLengthExtension(hashtable);
            this.g = maxFragmentLengthExtension;
            if (maxFragmentLengthExtension >= 0 && !MaxFragmentLength.isValid(maxFragmentLengthExtension)) {
                throw new TlsFatalAlert((short) 47);
            }
            this.h = TlsExtensionsUtils.hasTruncatedHMacExtension(hashtable);
            Vector signatureAlgorithmsExtension = TlsUtils.getSignatureAlgorithmsExtension(hashtable);
            this.i = signatureAlgorithmsExtension;
            if (signatureAlgorithmsExtension != null && !TlsUtils.isSignatureAlgorithmsExtensionAllowed(this.c)) {
                throw new TlsFatalAlert((short) 47);
            }
            this.j = TlsECCUtils.getSupportedEllipticCurvesExtension(hashtable);
            this.k = TlsECCUtils.getSupportedPointFormatsExtension(hashtable);
        }
    }

    @Override // org.bouncycastle.crypto.tls.TlsServer
    public void processClientSupplementalData(Vector vector) throws IOException {
        if (vector != null) {
            throw new TlsFatalAlert((short) 10);
        }
    }
}
